
We – as in, both the public and private sectors – are under the delusion that emailing content as password-protected .zip files is a secure way to share files, Senator Ron Wyden said in a letter sent to the National Institute of Standards and Technology (NIST) on Wednesday.

That’s just one of the non-secure ways that government agencies are sharing sensitive data, he said, because they don’t know how else to do it.

Government agencies routinely share and receive sensitive data through insecure methods – such as emailing .zip files – because employees are not provided the tools and training to do so safely.

That’s where you come in, Wyden said in the letter to NIST Director Walter G. Copan, asking that NIST come up with guidance on how to safely share sensitive documents with others over the internet. We need some help, Wyden said, given that it’s commonly thought that passwords protect .zip files…

Wyden noted that off-the-shelf hacking tools can be used to break into many password-protected .zip files:

[M]any of the software programs used to create .zip files use a weak encryption algorithm by default

But it’s password protected!

Wyden’s absolutely right, concurred Matthew D. Green, a cryptography associate professor at Johns Hopkins University. As he said in a Twitter thread, on many old versions of Windows, when you password-protect a Zip file with the operating system’s default utility, it’s done with the crusty, old, broken legacy scheme.

In fact, we explained how to crack old-school zip files right here on Naked Security about two years ago, as a way of recovering for free from ransomware called Filecode, which relied on the original zipcrypt “cipher” scheme to scramble your files.

As Green said:

We cryptographers are arguing over PGP key sizes. Meanwhile government employees are emailing each other documents encrypted with a cipher that was handily broken in the 90s.
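The “cipher that was handily broken in the 90s” is the traditional PKWARE scheme (the “zipcrypt” that Filecode relied on), which is fully specified in PKWARE’s public APPNOTE.TXT. The following is an added example, not code from the article or from Sophos: it implements that cipher from the specification and shows why off-the-shelf tools get through password-protected zips so quickly. Each ZipCrypto entry starts with a 12-byte header whose last byte is the high byte of the file’s CRC-32, so a cracker can reject a wrong password after decrypting just 12 bytes, with no decompression and no per-guess key stretching; only the roughly 1 in 256 guesses that slip past that filter need a full decrypt. (The Biham-Kocher known-plaintext attack from 1994, which recovers the keys with no password guessing at all, is the stronger break and is not implemented here.) The memo, password and wordlist are constructed for the example; the 11 random header bytes come from os.urandom, as an archiver would generate them.

```python
import os
import zlib

# CRC-32 table (polynomial 0xEDB88320): the primitive ZipCrypto's key schedule is built on.
_CRC_TABLE = []
for n in range(256):
    c = n
    for _ in range(8):
        c = (c >> 1) ^ 0xEDB88320 if c & 1 else c >> 1
    _CRC_TABLE.append(c)


def _crc32_step(crc: int, byte: int) -> int:
    return (crc >> 8) ^ _CRC_TABLE[(crc ^ byte) & 0xFF]


class ZipCrypto:
    """Traditional PKWARE ('ZipCrypto') stream cipher from APPNOTE.TXT: three 32-bit
    keys seeded by the password, one keystream byte per data byte."""

    def __init__(self, password: bytes):
        self.k0, self.k1, self.k2 = 0x12345678, 0x23456789, 0x34567890
        for b in password:
            self._update(b)

    def _update(self, plain_byte: int) -> None:
        self.k0 = _crc32_step(self.k0, plain_byte)
        self.k1 = ((self.k1 + (self.k0 & 0xFF)) * 134775813 + 1) & 0xFFFFFFFF
        self.k2 = _crc32_step(self.k2, self.k1 >> 24)

    def _keystream_byte(self) -> int:
        t = (self.k2 | 2) & 0xFFFF
        return ((t * (t ^ 1)) >> 8) & 0xFF

    def encrypt(self, data: bytes) -> bytes:
        out = bytearray()
        for p in data:
            out.append(p ^ self._keystream_byte())
            self._update(p)  # keys advance on the *plaintext* byte
        return bytes(out)

    def decrypt(self, data: bytes) -> bytes:
        out = bytearray()
        for c in data:
            p = c ^ self._keystream_byte()
            self._update(p)
            out.append(p)
        return bytes(out)


def zipcrypto_seal(password: bytes, data: bytes) -> bytes:
    """Encrypt a stored (uncompressed) entry the way an archiver does: a 12-byte header
    (11 random bytes + the high byte of the data's CRC-32) followed by the data."""
    check = (zlib.crc32(data) >> 24) & 0xFF
    header = os.urandom(11) + bytes([check])
    return ZipCrypto(password).encrypt(header + data)


def passes_check_byte(password: bytes, sealed: bytes, expected_crc: int) -> bool:
    """The cheap filter every cracker applies: decrypt only the 12-byte header and compare
    its last byte with the CRC's high byte. 12 keystream steps, no decompression; a wrong
    password is eliminated with probability 255/256."""
    header = ZipCrypto(password).decrypt(sealed[:12])
    return header[11] == (expected_crc >> 24) & 0xFF


def recover(password: bytes, sealed: bytes, expected_crc: int):
    """Full verification for a candidate that survived the filter: decrypt the body and
    require the complete CRC-32 to match. Returns the plaintext, or None."""
    body = ZipCrypto(password).decrypt(sealed)[12:]
    return body if (zlib.crc32(body) & 0xFFFFFFFF) == expected_crc else None


def dictionary_attack(wordlist, sealed: bytes, expected_crc: int):
    """Return (candidates that pass the 12-byte check, the password that fully verifies)."""
    survivors = [w for w in wordlist if passes_check_byte(w, sealed, expected_crc)]
    for w in survivors:
        if recover(w, sealed, expected_crc) is not None:
            return survivors, w
    return survivors, None


# Constructed sample: a "sensitive" memo sealed with a weak password, and a tiny wordlist.
SAMPLE_PLAINTEXT = b"Q3 headcount reductions, draft v2. Do not distribute.\n"
SAMPLE_PASSWORD = b"summer2019"
SAMPLE_CRC = zlib.crc32(SAMPLE_PLAINTEXT) & 0xFFFFFFFF
SAMPLE_SEALED = zipcrypto_seal(SAMPLE_PASSWORD, SAMPLE_PLAINTEXT)
SAMPLE_WORDLIST = [b"password", b"123456", b"letmein", b"summer2018", b"summer2019", b"qwerty"]

if __name__ == "__main__":
    survivors, found = dictionary_attack(SAMPLE_WORDLIST, SAMPLE_SEALED, SAMPLE_CRC)
    print("passed the 12-byte check:", survivors)
    print("recovered password:", found)
```

Running the block prints the candidates that survived the 12-byte check and the password that fully verified. Real tools spend their time in exactly that loop, which is why the cost per guess for ZipCrypto is orders of magnitude lower than for WinZip’s AES-based scheme, where every guess first needs a PBKDF2 key derivation before its two-byte password verifier can even be compared.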

We’re at risk if we don’t do something

We also shouldn’t be using broken encryption schemes, or leaving sensitive data exposed through insecure file-sharing workflows: both leave us open to yet more data breaches and cyber attacks. From Wyden’s letter:

The government must ensure that federal workers have the tools and training they need to safely share sensitive data.

To address this problem, I ask that NIST create and publish an easy-to-understand guide describing the best way for individuals and organizations to securely share sensitive data over the internet.

AFAIK, the 7-Zip code includes support for AES-based ZIP encryption (introduced, if memory serves, by WinZip way back in, what, 1999 or 2000?).

It’s worth remembering, however, that:

* Even users who have access to AES-based ZIP crypto in their archiving tool don’t always use it because not all unzipping tools support it.

* You still have the problem of how to get the password to the other end, and if you add it into the email to which you attach the ZIP (or send it in a followup email) you might as well use the crackable ZIP crypto.

* ZIP files are encrypted file-by-file, so metadata such as file and directory names, plus file sizes, can still be extracted. Also, if a ZIP archive is added to rather than created in one go, you can end up with some files in the archive encrypted and others not encrypted, as well as with different files encrypted at different strengths, which may give a false sense of security.

Your best bet is to use a dedicated file-and-folder encryption toolkit (yes, Sophos sells one, but that’s not why I am saying that) that can be properly managed…

…but if you have to fall back on your own arrangements, do be aware of the significant limitations of encrypted ZIPs, even if you are using (or think you are using) the latest encryption algorithm to do the actual scrambling.

Ironically, the ZIP format has been embraced and entrenched as the core of many other common file types.

For example, Android apps are delivered as APK files, which are just ZIP files with some specially-named manifest files inside. And Microsoft Office files – DOCXes, XLSXes, PPTXes and so on – are ZIP files, too.

I’m not sure – I’ve never used 7-Zip crypto, because I tend to use tar|gzip|gpg or tar|7z|gpg, thus using gzip and 7-Zip for compressing individual files only (a tarball), not for building archives or adding a layer of encryption.

I *think* that 7-Zip lets you create archives where you can choose from any combo of ZIP+no crypto, 7z+no crypto, ZIP+zipcrypt, 7z+zipcrypt, ZIP+AES or 7z+AES. So I think the answer is, “It depends.”

Any big 7-Zip users out there who can tell us what the options (and the defaults) are?
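Because ZIP encrypts entry by entry and leaves the central directory in the clear, the points made in the comments above (names and sizes leak, mixed archives, ZipCrypto versus AES) can all be checked from the outside without knowing the password. What follows is an added example, not code from the article, its author or any archiver vendor: it hand-assembles a small archive with struct so that it runs offline (the encrypted entries carry placeholder bodies, since only the directory metadata is read) and audits it with Python’s standard zipfile module. The classification uses only published format fields: general-purpose flag bit 0 for “encrypted”, compression method 99 plus the 0x9901 extra field for WinZip’s AES entries, and anything else that is flagged encrypted is legacy ZipCrypto. The file names and sizes are constructed.

```python
import io
import struct
import zipfile
import zlib

FLAG_ENCRYPTED = 0x0001                                  # general-purpose bit 0: entry data is encrypted
METHOD_STORED, METHOD_DEFLATE, METHOD_AES = 0, 8, 99     # 99 marks a WinZip AE-x (AES) entry
AES_EXTRA_ID = 0x9901                                    # WinZip AES extra-field header id
AES_STRENGTH = {1: 128, 2: 192, 3: 256}


def aes_extra_field(strength_code: int, real_method: int, vendor_version: int = 2) -> bytes:
    """WinZip AE-x extra field: id 0x9901, 7 data bytes (version, 'AE', strength, real method)."""
    return struct.pack("<HHH2sBH", AES_EXTRA_ID, 7, vendor_version, b"AE", strength_code, real_method)


def build_zip(entries) -> bytes:
    """Assemble a minimal ZIP container (local headers, central directory, EOCD) from
    (name, body, flags, method, extra) tuples. Bodies are written verbatim: audit() never
    looks at them, only at the central directory, which the format never encrypts."""
    local, central = b"", b""
    for name, body, flags, method, extra in entries:
        name_b, offset = name.encode(), len(local)
        crc = zlib.crc32(body) & 0xFFFFFFFF
        # flags, method, DOS time, DOS date (0x21 = 1980-01-01), crc, csize, usize, name len, extra len
        fixed = (flags, method, 0, 0x21, crc, len(body), len(body), len(name_b), len(extra))
        local += struct.pack("<4sHHHHHIIIHH", b"PK\x03\x04", 20, *fixed) + name_b + extra + body
        central += struct.pack("<4sHHHHHHIIIHHHHHII", b"PK\x01\x02", 20, 20, *fixed,
                               0, 0, 0, 0, offset) + name_b + extra
    n = len(entries)
    eocd = struct.pack("<4sHHHHIIH", b"PK\x05\x06", 0, 0, n, n, len(central), len(local), 0)
    return local + central + eocd


def encryption_of(info: zipfile.ZipInfo) -> str:
    """Name the protection on one entry from its central-directory metadata alone."""
    if not info.flag_bits & FLAG_ENCRYPTED:
        return "none"
    if info.compress_type != METHOD_AES:
        return "ZipCrypto"
    extra = info.extra
    while len(extra) >= 4:                       # walk the extra-field list for 0x9901
        field_id, length = struct.unpack("<HH", extra[:4])
        if field_id == AES_EXTRA_ID and length == 7:
            _ver, _vendor, strength, _real = struct.unpack("<H2sBH", extra[4:11])
            return f"AES-{AES_STRENGTH.get(strength, '?')}"
        extra = extra[4 + length:]
    return "AES (unknown strength)"


def audit(zip_bytes: bytes):
    """Return ([(name, uncompressed_size, protection)], [warnings]) without any password."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        rows = [(i.filename, i.file_size, encryption_of(i)) for i in zf.infolist()]
    kinds = {prot for _, _, prot in rows}
    warnings = []
    if "none" in kinds and len(kinds) > 1:
        warnings.append("mixed archive: some entries are not encrypted at all")
    if "ZipCrypto" in kinds:
        warnings.append("legacy ZipCrypto in use (weak; known-plaintext attacks exist)")
    if len(kinds - {"none"}) > 1:
        warnings.append("entries are protected with different methods or strengths")
    return rows, warnings


# Constructed sample: one plaintext entry, one ZipCrypto entry, one AES-256 entry.
# The encrypted bodies are placeholder bytes of plausible length.
SAMPLE_ZIP = build_zip([
    ("README.txt", b"see attached, password in follow-up mail\n", 0, METHOD_STORED, b""),
    ("salaries-2019.xlsx", b"\x00" * 4096, FLAG_ENCRYPTED, METHOD_DEFLATE, b""),
    ("board-minutes.docx", b"\x00" * 2048, FLAG_ENCRYPTED, METHOD_AES,
     aes_extra_field(3, METHOD_DEFLATE)),
])

if __name__ == "__main__":
    rows, warnings = audit(SAMPLE_ZIP)
    for name, size, prot in rows:
        print(f"{name:24} {size:6} bytes  {prot}")
    for w in warnings:
        print("WARNING:", w)
```

Point audit() at the bytes of a real file (open(path, "rb").read()) to check an archive you were sent: the listing shows exactly what a recipient without the password already learns (every name and size), and the warnings catch the “some encrypted, some not” and “different strengths” cases. One caveat: this reads ZIP central directories only; 7-Zip’s own .7z container is a different format and is not covered.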